Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: g/P/OR1D5EpIamwEtF38K1AqfsDNmafs04Xgos4m/Po=
Subject key identifier: 72:A4:2E:01:C9:D9:4F:30:8A:5C:A7:42:CA:EF:5B:02:87:69:7F:BA
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 019D37C01A39888BF3943D14FB0ECB1263C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 078D
Signing time: Sun 29 Mar 2026 04:00:29 +0000
Manifest this update: Sun 29 Mar 2026 04:00:29 +0000
Manifest next update: Mon 30 Mar 2026 04:00:29 +0000
Files and hashes: 1: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: t0oYqHT5fCd3q6RlnKjpoI6PCNxJzG2qzpomM4MCf4o=)
2: yt6RWY6KGJ0emTVe0oqz88MCdCQ.roa (hash: bM/4s1Z9MxV2DL76ljpJ5UL1Z/n6o4GYGrAbLT9qX9M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:1a:39:88:8b:f3:94:3d:14:fb:0e:cb:12:63:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: Mar 29 04:00:29 2026 GMT
Not After : Mar 30 04:00:29 2026 GMT
Subject: CN=72a42e01c9d94f308a5ca742caef5b0287697fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:30:ab:01:fb:8b:02:94:2b:8f:93:39:b4:
18:96:ac:bc:0e:1f:77:b7:39:c0:31:49:a7:87:c2:
eb:2a:a8:72:2a:63:43:54:26:9e:84:37:8e:75:b1:
7c:85:93:91:bb:89:01:57:f3:88:bd:e6:54:e2:0c:
19:80:af:45:6b:1b:01:54:dd:06:46:15:18:79:46:
f6:05:4a:94:20:a8:fa:2e:0f:6b:72:7d:b5:4a:c7:
be:21:a4:52:b4:96:b9:e7:b0:8a:5d:5f:21:9d:63:
05:1c:63:ba:c3:0a:ee:7f:ff:c9:a4:61:de:50:06:
16:eb:51:71:9a:46:58:ea:8e:e8:14:be:00:98:eb:
2a:4d:d5:5d:e9:92:84:c1:f9:fb:9a:dc:d2:6a:17:
2e:f0:85:19:df:52:5e:0a:87:52:51:45:90:60:dd:
00:00:7b:d8:00:36:ec:74:d8:6c:4e:ab:88:33:40:
3d:50:9b:bb:8c:d2:6d:26:3f:87:a0:79:64:97:2c:
32:6f:52:dc:26:d0:15:9b:8d:0f:e6:64:04:39:b3:
53:5d:78:f1:69:e5:c7:d5:f9:89:5f:f8:70:a9:90:
54:9f:6c:25:01:56:c6:ec:f7:63:fc:ed:a5:20:71:
33:10:0b:bd:16:0c:3d:73:65:59:a9:dc:f6:e8:25:
39:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A4:2E:01:C9:D9:4F:30:8A:5C:A7:42:CA:EF:5B:02:87:69:7F:BA
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:25:6d:07:75:36:e3:b6:59:99:44:fa:31:b9:7e:07:98:f5:
b1:0f:1f:fc:cf:d7:cd:85:c6:2b:7c:29:04:33:71:cb:c8:90:
c4:be:36:4d:2b:30:a6:50:9f:86:63:8c:51:2e:a7:1d:02:46:
3e:b9:cb:4b:cb:92:8c:ed:41:10:c2:65:9c:c9:57:58:10:53:
ab:e4:90:24:43:31:cd:a8:40:c2:71:2a:5f:d2:36:d7:6a:20:
7f:c1:e1:cc:23:78:28:45:3b:a7:e8:00:36:82:ee:f6:8b:de:
58:8f:8c:1c:09:88:78:20:86:b5:f7:30:d0:26:12:8c:65:a4:
7f:f6:fd:64:e4:99:e7:55:00:41:75:9e:e7:92:76:01:7c:09:
0e:87:0a:7f:73:b5:47:ae:8a:50:6a:53:1b:56:11:f3:99:08:
07:e8:35:78:bb:e7:27:bb:9c:2c:03:4b:49:83:6e:d9:1d:2f:
65:8d:5b:73:50:4a:c8:cc:fa:54:ce:a9:fb:dd:4d:5b:9b:f8:
c2:ae:cf:57:47:df:f0:29:67:05:9a:52:70:b8:18:d6:d8:f7:
79:55:c9:b0:30:28:94:75:83:04:d7:4b:ab:da:02:f9:26:b6:
ef:38:c0:37:94:71:ac:52:f4:aa:b3:58:51:f5:74:df:5b:e8:
e5:10:6b:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wBo5iIvzlD0U+w7LEmPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjYwMzI5MDQwMDI5WhcNMjYwMzMwMDQwMDI5WjAzMTEwLwYDVQQD
Eyg3MmE0MmUwMWM5ZDk0ZjMwOGE1Y2E3NDJjYWVmNWIwMjg3Njk3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixMwqwH7iwKUK4+TObQYlqy8Dh93
tznAMUmnh8LrKqhyKmNDVCaehDeOdbF8hZORu4kBV/OIveZU4gwZgK9FaxsBVN0G
RhUYeUb2BUqUIKj6Lg9rcn21Sse+IaRStJa557CKXV8hnWMFHGO6wwruf//JpGHe
UAYW61FxmkZY6o7oFL4AmOsqTdVd6ZKEwfn7mtzSahcu8IUZ31JeCodSUUWQYN0A
AHvYADbsdNhsTquIM0A9UJu7jNJtJj+HoHlklywyb1LcJtAVm40P5mQEObNTXXjx
aeXH1fmJX/hwqZBUn2wlAVbG7Pdj/O2lIHEzEAu9Fgw9c2VZqdz26CU5IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKkLgHJ2U8wilynQsrvWwKHaX+6MB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlSVtB3U2
47ZZmUT6Mbl+B5j1sQ8f/M/XzYXGK3wpBDNxy8iQxL42TSswplCfhmOMUS6nHQJG
PrnLS8uSjO1BEMJlnMlXWBBTq+SQJEMxzahAwnEqX9I212ogf8HhzCN4KEU7p+gA
NoLu9oveWI+MHAmIeCCGtfcw0CYSjGWkf/b9ZOSZ51UAQXWe55J2AXwJDocKf3O1
R66KUGpTG1YR85kIB+g1eLvnJ7ucLANLSYNu2R0vZY1bc1BKyMz6VM6p+91NW5v4
wq7PV0ff8ClnBZpScLgY1tj3eVXJsDAolHWDBNdLq9oC+Sa27zjAN5RxrFL0qrNY
UfV031vo5RBrow==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:35:16 2026 by rpki-client